Below, we will outline typical firewall block reasons as well as what causes them & how to prevent them from happening.
In some cases, you may be able to use our IP Unblock tool found inside your client portal to unblock your IP. In the event you are unsuccessful at removing the IP block, you may need to contact our support depending on the block that was triggered.
Port Scan
A âPort Scanâ block indicates that you have an application/program on your computer or mobile device from your location that is making connection attempts to our servers on closed ports. The most common problem is due to incorrectly configured FTP applications, email clients and/or trying to SSH into the default port.
Failed SMTP Login (Send Mail)
The âFailed SMTP Authâ block means that there are multiple consecutive failed SMTP logins for email. This is typically due to making login attempts from a device such as a mobile phone or email client on a PC that has an incorrect email address and/or password being used. To protect against a hacker brute forcing into the email account, our firewall blocks the IP of failed logins as a security precaution. The firewall will block first for 30 minutes, then an hour, then permanently.
Failed POP3 Login
The âFailed POP3 Loginâ entry indicates that your email client using the POP3 protocol for email has an incorrect email address and/or password. We recommend that you double check and/or reset the password for the email account in question to resolve this issue.
Failed FTP Login
The âFailed FTP Loginâ block indicates that the login attempts for an FTP connection are failing due to an incorrect username and/or password. To protect against brute force hackers, our firewall will block large amounts of failed FTP logins as a security precaution.
Mod Security
In the event you see a âmod_securityâ block being triggered, you will need to contact our support. There are many reasons why a mod_security related block can be triggered and it will need to be investigated further. The reasons can range from issues with website modules/plugins triggering a SQL injection block to simply too many failed CMS logins.
Failed cPanel or Webmail Logins
The âFailed cPanel loginâ block can be triggered in two different ways. The first is by making failed login attempts to your cPanel login screen. In this event, we recommend that you reset your cPanel password and verify the username is correct. This firewall block can also be triggered from failed âwebmailâ logins as well, as the webmail. It is advised to also ensure youâre using the correct email address & password for webmail in addition to cPanel to make sure the block does not continue to happen.